Recently the “WannaCry” ransomware wreaked havoc on networks across the globe infecting millions of computers and businesses.
Recently the “WannaCry” ransomware wreaked havoc on networks across the globe infecting millions of computers and businesses. One of the major victims of this attack was the National Health Service of the U.K. which has a number of hospitals under it.
In fact ransomware have been around for over ten years now, although it has begun to hurt hospitals only recently. For people with malicious intentions, hospitals are a perfect target as they often hold several terabytes of sensitive data that need to be pulled up at any point of time. The ransomware works by locking up your data and preventing any access to it till you pay money to the attackers.
According to Alexander Gostev, Chief Security Expert, Global Research and Analysis Team, Kaspersky Lab, health care facilities are seen as a lucrative victim for these kind of attacks.
“Hospitals are a common target because of monetary reasons and often the payoff to cybercriminals is quite significant,” Gostev said.
How can hospitals be prepared against it?
It has to be accepted that ransomware is here to stay. Despite efforts from cyber security companies to prevent the best of the best malicious brains from attempting to make such malware, there will be those who will be able to come up with such code. The only solution, then, is for hospitals to be prepared for such attacks.
According to Gostev, there are several steps that hospitals can take. The first and foremost is to make sure all the important files are backed-up regularly. In the case of NHS attack, it was unclear if the system had backed up important files, although one of the officials was caught saying it was necessary. Gostev pointed out that it is not only important to back up, but also regularly make sure that the backup copy is in good condition. There are times when accidental failure can inflict damage to your files.
There are several ways through which hackers try to gain access to your computers. One of them is through email attachments.
“Cybercriminals often distribute fake email messages mimicking email notifications from an online store or a bank, luring a user to click on a malicious link and distribute malware,” Gostev said. “This method is called phishing. With that in mind, fine-tune your antispam settings and never open attachments sent by an unknown sender. Trust no one, literally. Malicious links can be sent by your friends on social media, your colleague or online gaming partner whose accounts have been compromised in one way or another.”
To make is easier to distinguish potentially dangerous files, users can enable show extensions option in the Windows settings. As Trojans are programs, you should be warned to stay away from file extensions like “.exe”, “.vbs” and “.scr”. One needs to remain vigilant on this as many familiar file types can also end up being dangerous. Scammers could use several extensions to masquerade a malicious file as a video, photo, or a document, said Gostev.
Of course, it goes without saying that the operating system and antivirus solution need to be up-to-date to thwart such attacks. Make sure you use a robust antivirus solution. Finally, if you feel that there is a suspicious activity going on in your computer, make sure to cut remove the computer from the network.
“If you discover a rogue or unknown process on your machine, cut off the Internet connection immediately,” Gostev said. “If the ransomware did not manage to erase the encryption key from your computer, there’s still a chance you can restore the files. However, the new strains of this type of malware use a predefined key, so this tip, unfortunately, would not work in that case.”